Lucene search
+L

159 matches found

mssecure
mssecure
added 2026/06/18 3:43 a.m.35 views

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

In this article 1. Attack chain overview 1. Discovery and initial indicators 2. Dependency injection: the poisoned package.json 3. Typosquat analysis: easy-day-js 4. Staged delivery pattern 5. Obfuscation and payload analysis 6. TLS bypass to self-deletion 7. Timeline analysis 2. Who is Sapphire...

6.9AI score
Exploits0
ossf
ossf
added 2026/06/17 6:32 p.m.17 views

Malicious code in @mastra/loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5225485064c54423eac85ed05753c97466d46c15d9b59dbe48193b115f538b3b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 6:32 p.m.6 views

MAL-2026-6072 Malicious code in @mastra/loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5225485064c54423eac85ed05753c97466d46c15d9b59dbe48193b115f538b3b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 6:27 p.m.14 views

Malicious code in @mastra/redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9691125da52a04efba450b4c5dcbebe08a604a54f2e9420d95ce17f782f2728 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 6:27 p.m.7 views

MAL-2026-6074 Malicious code in @mastra/redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9691125da52a04efba450b4c5dcbebe08a604a54f2e9420d95ce17f782f2728 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
osv
osv
added 2026/06/17 11:51 a.m.9 views

MAL-2026-6055 Malicious code in @mastra/node-speaker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d1fc45cd66b93c4e1a83c1743f1ac9ee3ebea854208b1a9cae83ee957ebfd83 @mastra/node-speaker is a PCM audio output library wrapping native mpg123 bindings. Its package.json declares 'easy-day-js' ^1.11.21 as a runtime...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 11:50 a.m.11 views

Malicious code in @mastra/voice-playai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 095ae6a310d12472e2f23394b600c1465acb4921d1ae78a38893ff567518437f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 11:11 a.m.8 views

Malicious code in @mastra/github-signals (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e263abbd9ed9975f3f8aaecfd1a780616bc3aef00238ed9ba9075b5bf4e38f37 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 11:10 a.m.9 views

Malicious code in @mastra/mem0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0103dbf66edb7ceb716e244ea15e4a68e439052d93646cb1107c780e79620541 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 11:10 a.m.12 views

MAL-2026-6053 Malicious code in @mastra/mem0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0103dbf66edb7ceb716e244ea15e4a68e439052d93646cb1107c780e79620541 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 11:8 a.m.11 views

Malicious code in @mastra/node-audio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 11:7 a.m.10 views

Malicious code in @mastra/react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb2d86bcc71a172b3b3abf321bea01e031f13fcbd7cf94c490a5735f02f6dc8f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 11:7 a.m.11 views

MAL-2026-6056 Malicious code in @mastra/react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb2d86bcc71a172b3b3abf321bea01e031f13fcbd7cf94c490a5735f02f6dc8f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
thn
thn
added 2026/06/17 7:38 a.m.30 views

145 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 145 npm packages associated with the Mastra namespace "@mastra/", a popular open-source JavaScript and TypeScript framework for building artificial intelligence AI applications, have been compromised as part of a software supply chain attack codenamed easy-day-js , per findings from...

6AI score
Exploits0
ossf
ossf
added 2026/06/17 5:12 a.m.10 views

Malicious code in @mastra/arize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9417097d18abea911925be99fa31e70127eac4dcbcb16fb9eb5f20155a6650 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 5:12 a.m.6 views

MAL-2026-5998 Malicious code in @mastra/arize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9417097d18abea911925be99fa31e70127eac4dcbcb16fb9eb5f20155a6650 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 5:9 a.m.10 views

Malicious code in @mastra/voice-elevenlabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f99d987467406ef04c81d4437451d8ba5f38649e85437a361470bb9fd94fbe53 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 5:9 a.m.10 views

MAL-2026-6045 Malicious code in @mastra/voice-elevenlabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f99d987467406ef04c81d4437451d8ba5f38649e85437a361470bb9fd94fbe53 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 5:8 a.m.9 views

Malicious code in @mastra/gcs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 722de440c55cc50c4576818745c16ee5105f7cf4c61295943a07826b22be9387 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 5:8 a.m.8 views

MAL-2026-6023 Malicious code in @mastra/gcs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 722de440c55cc50c4576818745c16ee5105f7cf4c61295943a07826b22be9387 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
Rows per page
Query Builder